Understanding Risk


People tend not to prioritize their risks correctly. The SANS Top Cyber Security report in September 2009 pointed out that people are not patching third-party applications or taking care of web servers correctly.

I recently ran across the image below that showed the number of deaths in the last 300 days broken down by category and compared that to the number of deaths for H1N1.

risk.jpg

(Not sure who to credit on the photo; it wasn't given to me in context. Here is the original link.)


1 Comment

Hi, Roger -

That's a great photo with a great point. It is not clear to me which IT risks are like H1N1 (higher priority than justified) and which are like the other death instances (lower priority).

Do you have a recommended approach for IT folks?

Thanks,

Pete


About this Entry

This page contains a single entry by Roger published on October 29, 2009 7:27 PM.
